pam-krb5 4.10

pam-krb5 is a relatively simple Kerberos PAM module with no dependencies on larger infrastructure such as sssd.

This is a small bug-fix release that fixes a possible double-free if krb5_cc_get_principal fails on the newly-acquired ticket cache during authentication. I am dubious this is exploitable because this temporary ticket cache should not be under the control of an attacker, but I'm putting out a release just in case. Thanks to Michael Muehle for the report.

You can get the latest release from the pam-krb5 distribution page.

Posted: 2021-03-20 13:34 — Why no comments?

Last spun 2022-02-06 from thread modified 2021-03-20